Question

I have an AWS WAFv2 Web ACL Logging configuration declared like this

resource "aws_wafv2_web_acl_logging_configuration" "logging_configuration" {
  count = var.enable_logging && var.waf_s3_log_bucket_id != "" ? 1 : 0

  log_destination_configs = [aws_kinesis_firehose_delivery_stream.waf_log_stream.*.arn[0]]
  resource_arn            = aws_wafv2_web_acl.waf.arn

  depends_on = [aws_kinesis_firehose_delivery_stream.waf_log_stream]
}

This code works, but the linter gave me a warning to not use the deprecated * notation when referencing an item that is in a list and to use square bracket notation instead. so I changed it

log_destination_configs = [aws_kinesis_firehose_delivery_stream.waf_log_stream[count.index].arn[0]]

When I do terraform plan it now runs, but then gives me this error

Error: Invalid index

aws_kinesis_firehose_delivery_stream.waf_log_stream is tuple with 1 element

count.index is 0

This value does not have any indices.

I understand the error, but there are 2 things that confuse me

1. If the count is 0, this resource should not even be created. Why would it be flagged by Terraform if that's the case?

2. If count is not 0, then the error that I'm getting should not exist. Why is Terraform CLI giving me this error?

Can someone tell me what the issue is here and how I can resolve this?